Overview

overview

10

Static

static

10

anonymous42 info.exe

windows7-x64

8

anonymous42 info.exe

windows10-2004-x64

8

Resubmissions

22/07/2024, 13:58

240722-q95hga1arg 10

22/07/2024, 13:55

240722-q8c2ts1hjr 10

22/07/2024, 13:46

240722-q3dfea1emq 10

22/07/2024, 13:42

240722-qzn3qs1djr 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    anonymous42 info.rar

  • Size

    31KB

  • Sample

    240722-qzn3qs1djr

  • MD5

    116d47f718486d216cb167a6d49c45f6

  • SHA1

    71792ec78c58f77918ed031f99c4a51c6ae0e6fe

  • SHA256

    0879d73063bf5b902c68e64687a11dc4595a5336a9a100d774bc0506d670fc8b

  • SHA512

    8d652b39e9d20ee3358d8e21dab8c0521aa31eaae1533a59a8916f627ef999480e3a699661bb46b82934ce1a794cc9732092b435f4c748ed7cfe27a7feab7fa3

  • SSDEEP

    768:PQgT3zcTF6qsB65N9VfHjvtxnaE9sy93t9L2FxxbZtFxle4o:v3zc4HB65DJ7RfL2zlA

Score
10/10
njratericdevasionpersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Ericd

C2

hakim32.ddns.net:2000

127.0.0.1:10735
Mutex

1fc11d500862b0f4c354276c41420c64

Attributes
  • reg_key

    1fc11d500862b0f4c354276c41420c64

  • splitter

    |'|'|

Targets

    • Target

      anonymous42 info.exe

    • Size

      93KB

    • MD5

      0271262bd01cce8b5eff393bd6408461

    • SHA1

      d07562eeba7c51d6b3ffa494cd3155a482ca7178

    • SHA256

      a5438d2c682420b8ee01d02c1c9f7a005823a5de99b4913fa02b74a2c6b73da4

    • SHA512

      b3628508b6bd5626abd74986fdaecbbc7493a9e0f29f32190314d5f128bb9de269d94b7a30e53c6bad4c52ffab438f2e62a199383201aba9578ab9be0a7c05d2

    • SSDEEP

      768:wY3cUi6xgrKSMZAZL28d2WmtlX+jRoI++WqXxrjEtCdnl2pi1Rz4Rk3mEsGdpLgM:EUvxg1L2AZmDO+2jEwzGi1dDWMDLgS

    Score
    8/10
    evasionpersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks